In a previous blog relating to Acrobat vulnerabilities, I suggested that you might want to sign up for Adobe’s alerts service. I did, but still haven’t received any news from it. However, it appears that The Register (or one of its sources) did, so I’m nevertheless aware that Adobe has released updates to address the problems we’ve flagged previously several times previously (http://www.eset.com/threat-center/blog/?p=593, http://www.eset.com/threat-center/blog/?p=579, http://www.eset.com/threat-center/blog/?p=572).
In case Adobe isn’t speaking to you either, you might want to hotfoot it over there and update to Reader 9.1 (and, if you’re using Acrobat 9, go to Acrobat 9.1). Adobe also says it is "planning to make available updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, by March 18…[and] Adobe Reader 9.1 for Unix by March 25".
Meanwhile, Microsoft has released one critical update and two important updates: as discussed previously, there’s no update yet for the Excel vulnerability we’ve also discussed here and here and even here. Don’t panic: I’m sure there’ll be one along eventually.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, ESET